Commit c887e6d2 authored by Ilpo Järvinen's avatar Ilpo Järvinen Committed by David S. Miller

tcp: consolidate paws check

Wow, it was quite tricky to merge that stream of negations
but I think I finally got it right:

check & replace_ts_recent:
(s32)(rcv_tsval - ts_recent) >= 0                  => 0
(s32)(ts_recent - rcv_tsval) <= 0                  => 0

discard:
(s32)(ts_recent - rcv_tsval)  > TCP_PAWS_WINDOW    => 1
(s32)(ts_recent - rcv_tsval) <= TCP_PAWS_WINDOW    => 0

I toggled the return values of tcp_paws_check around since
the old encoding added yet-another negation making tracking
of truth-values really complicated.
Signed-off-by: default avatarIlpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent c43d558a
...@@ -997,11 +997,21 @@ static inline int tcp_fin_time(const struct sock *sk) ...@@ -997,11 +997,21 @@ static inline int tcp_fin_time(const struct sock *sk)
return fin_timeout; return fin_timeout;
} }
static inline int tcp_paws_check(const struct tcp_options_received *rx_opt, int rst) static inline int tcp_paws_check(const struct tcp_options_received *rx_opt,
int paws_win)
{ {
if ((s32)(rx_opt->rcv_tsval - rx_opt->ts_recent) >= 0) if ((s32)(rx_opt->ts_recent - rx_opt->rcv_tsval) <= paws_win)
return 0; return 1;
if (get_seconds() >= rx_opt->ts_recent_stamp + TCP_PAWS_24DAYS) if (unlikely(get_seconds() >= rx_opt->ts_recent_stamp + TCP_PAWS_24DAYS))
return 1;
return 0;
}
static inline int tcp_paws_reject(const struct tcp_options_received *rx_opt,
int rst)
{
if (tcp_paws_check(rx_opt, 0))
return 0; return 0;
/* RST segments are not recommended to carry timestamp, /* RST segments are not recommended to carry timestamp,
......
...@@ -3883,8 +3883,7 @@ static inline void tcp_replace_ts_recent(struct tcp_sock *tp, u32 seq) ...@@ -3883,8 +3883,7 @@ static inline void tcp_replace_ts_recent(struct tcp_sock *tp, u32 seq)
* Not only, also it occurs for expired timestamps. * Not only, also it occurs for expired timestamps.
*/ */
if ((s32)(tp->rx_opt.rcv_tsval - tp->rx_opt.ts_recent) >= 0 || if (tcp_paws_check(&tp->rx_opt, 0))
get_seconds() >= tp->rx_opt.ts_recent_stamp + TCP_PAWS_24DAYS)
tcp_store_ts_recent(tp); tcp_store_ts_recent(tp);
} }
} }
...@@ -3936,9 +3935,9 @@ static inline int tcp_paws_discard(const struct sock *sk, ...@@ -3936,9 +3935,9 @@ static inline int tcp_paws_discard(const struct sock *sk,
const struct sk_buff *skb) const struct sk_buff *skb)
{ {
const struct tcp_sock *tp = tcp_sk(sk); const struct tcp_sock *tp = tcp_sk(sk);
return ((s32)(tp->rx_opt.ts_recent - tp->rx_opt.rcv_tsval) > TCP_PAWS_WINDOW &&
get_seconds() < tp->rx_opt.ts_recent_stamp + TCP_PAWS_24DAYS && return !tcp_paws_check(&tp->rx_opt, TCP_PAWS_WINDOW) &&
!tcp_disordered_ack(sk, skb)); !tcp_disordered_ack(sk, skb);
} }
/* Check segment sequence number for validity. /* Check segment sequence number for validity.
...@@ -5513,7 +5512,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, ...@@ -5513,7 +5512,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
/* PAWS check. */ /* PAWS check. */
if (tp->rx_opt.ts_recent_stamp && tp->rx_opt.saw_tstamp && if (tp->rx_opt.ts_recent_stamp && tp->rx_opt.saw_tstamp &&
tcp_paws_check(&tp->rx_opt, 0)) tcp_paws_reject(&tp->rx_opt, 0))
goto discard_and_undo; goto discard_and_undo;
if (th->syn) { if (th->syn) {
......
...@@ -107,7 +107,7 @@ tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sk_buff *skb, ...@@ -107,7 +107,7 @@ tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sk_buff *skb,
if (tmp_opt.saw_tstamp) { if (tmp_opt.saw_tstamp) {
tmp_opt.ts_recent = tcptw->tw_ts_recent; tmp_opt.ts_recent = tcptw->tw_ts_recent;
tmp_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp; tmp_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
paws_reject = tcp_paws_check(&tmp_opt, th->rst); paws_reject = tcp_paws_reject(&tmp_opt, th->rst);
} }
} }
...@@ -511,7 +511,7 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb, ...@@ -511,7 +511,7 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
* from another data. * from another data.
*/ */
tmp_opt.ts_recent_stamp = get_seconds() - ((TCP_TIMEOUT_INIT/HZ)<<req->retrans); tmp_opt.ts_recent_stamp = get_seconds() - ((TCP_TIMEOUT_INIT/HZ)<<req->retrans);
paws_reject = tcp_paws_check(&tmp_opt, th->rst); paws_reject = tcp_paws_reject(&tmp_opt, th->rst);
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment